root
ad0b745b31
new file: modules/exploits/windows/fileformat/bsplayer_m3u.rb
2012-01-12 16:12:43 -05:00
Tod Beardsley
092b226cce
Updating tns_auth_sesskey to use a user-supplied SID
...
Applying the patch suggested by Lukas, here: http://mail.metasploit.com/pipermail/framework/2012-January/008374.html
2012-01-11 07:31:36 -06:00
Tod Beardsley
7e25f9a6cc
Death to unicode
...
Apologies to the authors whose names I am now intentionally misspelling.
Maybe in another 10 years, we can guarantee that all terminals and
machine parsers are okay with unicode suddenly popping up in strings.
Also adds a check in msftidy for stray unicode.
2012-01-10 14:54:55 -06:00
sinn3r
bc9014e912
Add new v3.4 target by Michael Coppola (Feature #6207 )
2012-01-09 23:51:11 -06:00
sinn3r
8eee54d1d0
Add e-mail addr for corelanc0d3r (found it in auxiliary/fuzzers/ftp/client_ftp.rb)
2012-01-09 14:23:37 -06:00
sinn3r
2f9d563067
Update reference
2012-01-09 02:14:29 -06:00
David Maloney
9cf2af6a94
Adds exploit/windows/htt/xampp_webdav_upload_php
...
This exploit abuses weak default passwords on XAMPP
for windows to uplaod a php payload and execute it.
Fixes #2170
2012-01-06 12:00:14 -08:00
Sam Sharps
06414c2413
changed author to my actual name
2012-01-06 01:03:20 -06:00
Sam Sharps
b26ed37467
Added description, urls, and another author
2012-01-06 00:47:01 -06:00
Sam Sharps
5c05cebaf7
Added ms05_054_onload.rb IE 6 SP 2 exploit - CVE-2005-1790
2012-01-06 00:16:45 -06:00
sam
f3a9bc2dad
Added ms05_054_onload.rb IE 6 SP 2 exploit - CVE-2005-1790
2012-01-06 00:12:28 -06:00
sinn3r
8cced0a91e
Add CVE-2011-2462 Adobe Reader U3D exploit
2012-01-04 03:49:49 -06:00
Joshua J. Drake
958ffe6e1d
Fix stack trace from unknown agents
2012-01-02 03:41:49 -06:00
Steve Tornio
7bfdc9eff4
add osvdb ref
2012-01-01 09:10:10 -06:00
sinn3r
d9db03dba6
Add CoCSoft StreamDown buffer overflow (Feature #6168 ; no CVE or OSVDB ref)
2011-12-30 10:16:29 -06:00
sinn3r
b202c29153
Correct e-mail format
2011-12-29 11:27:10 -06:00
sinn3r
d484e18300
Add e-mail for tecr0c
2011-12-29 11:14:15 -06:00
sinn3r
9972f42953
Add e-mail for mr_me for consistency
2011-12-29 11:01:38 -06:00
Tod Beardsley
0e3370f1fe
Grammar and spelling on splunk and oracle exploits
2011-12-28 13:42:56 -06:00
Steve Tornio
4215ef3ae1
add osvdb ref
2011-12-24 06:54:39 -06:00
steponequit
69570dada6
Add CVE-2008-2161 OpenTFTP SP 1.4 Buffer Overflow by steponequit
2011-12-23 16:28:36 -06:00
steponequit
84c6739921
added initial opentftp 1.4 windows exploit
2011-12-23 11:27:11 -06:00
sinn3r
41697440c7
Add Oracle Job Scheduler Command Execution (CreateProcessA) - Feature #6079
2011-12-23 01:22:39 -06:00
sinn3r
baaa1f6c82
Add US-Cert references to all these SCADA modules. The refers are based on this list:
...
http://www.scadahacker.com/resources/msf-scada.html
2011-12-20 14:07:29 -06:00
sinn3r
b58097a2a7
Remove junk() because it's never used
2011-12-17 01:28:07 -06:00
sinn3r
fae80f8d49
typo
2011-12-16 11:10:46 -06:00
Steve Tornio
1712f2aa22
add osvdb ref
2011-12-14 07:23:11 -06:00
sinn3r
fea4bfb85c
Repair dead milw0rm link to exploit-db
2011-12-13 16:13:53 -06:00
sinn3r
c1a4c4e584
Repair dead milw0rm link to exploit-db
2011-12-13 16:13:34 -06:00
sinn3r
acef9de711
Repair dead milw0rm link to exploit-db
2011-12-13 16:13:15 -06:00
sinn3r
d246bfa4da
Credit Luigi Auriemma for the original discovery/poc, not Celil
2011-12-13 15:20:26 -06:00
Tod Beardsley
a8fad72fce
Merge branch 'msftidy_fixup'
...
Merging a local msftidy cleanup branch, adding a new optional msftidy
test to check for 1.8 compat and cleaning up some whitespace /
file.open()'s.
2011-12-12 17:55:21 -06:00
Tod Beardsley
f402b8598b
Whitespace and File.open binary mode cleanups.
...
Fixes some recent modules: dns_fuzzer, shodan_search,
avidphoneticindexer, and win_privs.
2011-12-12 17:31:28 -06:00
sinn3r
bacdbb90d7
ugh, stack overflow != stack buffer overflow. Also, metadata format fix.
2011-12-12 15:23:32 -06:00
sinn3r
5af5137241
Add CoDeSys SCADA bof module ( #6083 )
2011-12-12 15:21:15 -06:00
HD Moore
4736cb1cbe
Merge pull request #48 from swtornio/master
...
add osvdb ref
2011-12-11 20:37:43 -08:00
HD Moore
1ae12e3a23
Remove the default target, since module doesn't fingerprint the service
...
pack, this can only end in tears.
2011-12-10 13:31:05 -06:00
Steve Tornio
b521602d82
add osvdb ref
2011-12-10 07:49:50 -06:00
sinn3r
0e2101e4c1
Correct author name
2011-12-07 00:24:16 -06:00
sinn3r
92c1065508
Add CVE-2004-1626 (Ability FTP Server). OSCP l337-fu :-)
2011-12-06 18:52:42 -06:00
sinn3r
e524215b55
WTH, the date format is wrong
2011-12-04 15:23:31 -06:00
Steve Tornio
b75799d18d
=add osvdb ref
2011-12-02 16:50:42 -06:00
Steve Tornio
83f12c6fe0
=add osvdb ref
2011-12-02 16:46:01 -06:00
sinn3r
c8634390b7
Add CCMPlayer m3u exploit (Feature #6029 )
2011-12-02 16:27:59 -06:00
sinn3r
f4b755c319
Add License comment (author already put 'MSF_LICENSE' in there). Also drop rank, because it doesn't cover so many targets
2011-12-02 15:00:39 -06:00
sinn3r
cd2bb027bf
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-12-02 14:54:53 -06:00
sinn3r
895a509bd3
Add Avid Media Composer 5.5 (Feature #6035 )
2011-12-02 14:53:26 -06:00
Steve Tornio
2bb97791f7
Update OSVDF refs for servu module.
...
* Added osvdb ref to servu module.
* Fixed rhino entry in osvdb, removed comment from module.
Squashed commit of the following:
commit 80ce65253f51e07a0bcb8900402a1b3d59eaeaa1
Author: Steve Tornio <swtornio@gmail.com>
Date: Fri Dec 2 07:44:28 2011 -0600
add osvdb ref
commit 558f20d84dd705b57b7f807a5ea3815e17b6f9f5
Author: Steve Tornio <swtornio@gmail.com>
Date: Wed Nov 30 08:15:20 2011 -0600
fixed in osvdb
[Closes #39 ]
2011-12-02 13:21:41 -05:00
David Maloney
2858cae296
Some quick corrections to tidy things up
2011-11-29 19:57:08 -08:00
David Maloney
be88f483a3
More Accurate Vulnerability Check
2011-11-29 18:38:00 -08:00
David Maloney
0dda948265
New Exploit for the Serv-U FTP Buffer overflow
...
from CVE 2004-2111
2011-11-29 17:34:01 -08:00
Tod Beardsley
f503bd9488
Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append.
2011-11-28 17:52:34 -06:00
Rob Fuller
c411c216c0
Solved most of msftidy issues with the /modules directory
2011-11-28 17:10:29 -06:00
sinn3r
e11ca43c37
Add feature #5680
2011-11-21 12:39:45 -06:00
sinn3r
76846aa578
Add MS10-038 (CVE-2010-0822) exploit
2011-11-21 11:36:47 -06:00
sinn3r
28a079f308
Add credit to the appropriate researcher
2011-11-20 02:32:45 -06:00
sinn3r
95d639ccf7
Change target index and names. Also retested on XP all the way to Win 7, IE 6 to IE8.
2011-11-20 01:44:52 -06:00
sinn3r
9c2fab0921
Add CVE-2010-0356 (Viscom Movie Player Pro) by tecr0c
2011-11-19 20:40:04 -06:00
sinn3r
30f13984ea
Add wireshark console.lua exploit (CVE-2011-3360)
2011-11-18 21:24:48 -06:00
sinn3r
fea42dbdee
Add feature #5872
2011-11-16 12:26:54 -06:00
David Maloney
c8142043e9
Fixes to credential handling to downcase usernames whenever they are not case sensitive.
...
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
sinn3r
2536cf0308
Add feature #5779
2011-11-14 01:49:26 -06:00
Steve Tornio
a0c9297500
add osvdb ref
2011-11-12 06:01:41 -06:00
sinn3r
170c4f5451
Fix author email format
2011-11-12 01:53:25 -06:00
sinn3r
b8b8732d85
Correct disclosure date
2011-11-12 01:12:28 -06:00
sinn3r
ed5bae6441
oops, I don't need that extra comment
2011-11-12 01:04:00 -06:00
sinn3r
84c5268ab4
Add Aviosoft DTV exploit
2011-11-12 01:02:40 -06:00
Patrick Webster
f54b622ad3
Added BID ref for amlibweb module.
2011-11-11 12:04:40 +11:00
wchen-r7
c569ec4a33
Don't really need a revision # in source
2011-11-09 22:10:52 -06:00
Wei Chen
32bb3af298
Add feature #5946
2011-11-09 21:49:34 -06:00
Matt Weeks
fdf13e5e0e
Fixes #5927
...
git-svn-id: file:///home/svn/framework3/trunk@14196 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 21:45:17 +00:00
Wei Chen
c4fa5b4674
Fix #5937 . Vista is currently taken down because it's not stable enough.
...
git-svn-id: file:///home/svn/framework3/trunk@14188 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 09:35:18 +00:00
Wei Chen
0b981b0db0
Add OSVDB reference
...
git-svn-id: file:///home/svn/framework3/trunk@14179 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 02:01:42 +00:00
Wei Chen
e767214411
Fix: whitespaces, svn propset, author e-mail format
...
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 22:02:26 +00:00
Wei Chen
49dddf1396
Yeah, don't really need the bottom comment anymore
...
git-svn-id: file:///home/svn/framework3/trunk@14172 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 20:16:34 +00:00
Wei Chen
43a22d3fa0
Add Office 2007 SP2 target, thanks Juan
...
git-svn-id: file:///home/svn/framework3/trunk@14171 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 17:33:29 +00:00
Wei Chen
1a2f60f4c0
Add MS11-021 ( #5917 )
...
git-svn-id: file:///home/svn/framework3/trunk@14169 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 23:05:42 +00:00
James Lee
155c3ff9ac
whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@14157 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 17:17:10 +00:00
Steve Tornio
7a07e069da
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@14156 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 14:15:00 +00:00
Wei Chen
3d6f631780
Upgrade mini_stream as a remote module. Account for all variables that affect the offset to EIP. Also digital1 = Ron.
...
git-svn-id: file:///home/svn/framework3/trunk@14155 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 08:20:43 +00:00
Wei Chen
b809f00979
Add NJStar MiniSMTP bof (Feature #5901 )
...
git-svn-id: file:///home/svn/framework3/trunk@14135 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 08:19:55 +00:00
Mario Ceballos
0890cca02a
much needed patch worked like a champ in my enviroment.
...
git-svn-id: file:///home/svn/framework3/trunk@14132 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 20:37:30 +00:00
Wei Chen
3eff1cfaa5
This exploit does not work at all, and could not be fixed in time. See #5854
...
git-svn-id: file:///home/svn/framework3/trunk@14088 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 01:47:48 +00:00
Mario Ceballos
7b099bbaef
remove Rex::Text.pattern_create()
...
git-svn-id: file:///home/svn/framework3/trunk@14076 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:16:26 +00:00
Wei Chen
ded364c8ef
Feature #5621
...
git-svn-id: file:///home/svn/framework3/trunk@14075 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 21:25:46 +00:00
David Rude
086af94b5d
Adds Foxit PDF Reader Exploit CVE-2009-0837
...
git-svn-id: file:///home/svn/framework3/trunk@14069 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 20:15:12 +00:00
Joshua Drake
32cde1d45a
don't use the pattern creator
...
git-svn-id: file:///home/svn/framework3/trunk@14050 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 19:43:54 +00:00
Wei Chen
fa2355a766
Damn comma
...
git-svn-id: file:///home/svn/framework3/trunk@14048 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 16:42:07 +00:00
Wei Chen
68286561f5
Add #5742
...
git-svn-id: file:///home/svn/framework3/trunk@14047 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 16:38:02 +00:00
Wei Chen
c0d362bd83
Fix tabs, and the correct the bottom comment
...
git-svn-id: file:///home/svn/framework3/trunk@14041 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 01:39:11 +00:00
Wei Chen
a8d62ae01a
Add feature #5592 (Cytel Studio)
...
git-svn-id: file:///home/svn/framework3/trunk@14040 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 01:37:32 +00:00
Joshua Drake
7bfa29ace4
clean up exploit HTML print_status
...
git-svn-id: file:///home/svn/framework3/trunk@14036 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 14:21:57 +00:00
Joshua Drake
62c8c6ea9f
big msftidy pass, ping me if there are issues
...
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
Steve Tornio
27cba3d7ec
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@14020 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-21 11:50:59 +00:00
Wei Chen
06aa776a77
Bleh, fix BID reference
...
git-svn-id: file:///home/svn/framework3/trunk@14016 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 17:40:21 +00:00
Wei Chen
e5f7bfceaf
Add HP Power Manager module by ipax, thx!
...
git-svn-id: file:///home/svn/framework3/trunk@14015 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 17:29:48 +00:00
David Rude
091b9779e2
Add commas
...
git-svn-id: file:///home/svn/framework3/trunk@14007 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 20:41:09 +00:00
David Rude
521aec205b
Return on error
...
git-svn-id: file:///home/svn/framework3/trunk@14006 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 19:55:04 +00:00
Wei Chen
0f1ba8dcf1
Change user agent check
...
git-svn-id: file:///home/svn/framework3/trunk@13993 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 15:48:03 +00:00
HD Moore
e4290e40c4
Fix the check to not report empty user/pass
...
git-svn-id: file:///home/svn/framework3/trunk@13989 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:10:00 +00:00
Wei Chen
8e4f4a2672
Add CVE-2011-1774 (Safari libxslt arbitrary file creation)
...
git-svn-id: file:///home/svn/framework3/trunk@13987 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 07:39:50 +00:00
Wei Chen
fbbec1fa92
This exploit falls between NormalRanking to GoodRanking. I'll class it as Normal for now.
...
git-svn-id: file:///home/svn/framework3/trunk@13984 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 03:48:10 +00:00
Wei Chen
975cc52bac
Fix spelling errors
...
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 00:54:05 +00:00
Wei Chen
0304702b14
Mention where the getpc code is from, request by corelanc0d3r
...
git-svn-id: file:///home/svn/framework3/trunk@13974 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 14:56:44 +00:00
Tod Beardsley
c336d063da
Mostly file format (unix linefeeds) and File.open() calls using binary. Fixed ranking for mozilla_nstreerange and disclosure and BID # for tugzip.
...
git-svn-id: file:///home/svn/framework3/trunk@13971 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 04:20:53 +00:00
Tod Beardsley
3c36b0c975
Msftidy: knocking out all those trailing spaces. Screw those guys.
...
git-svn-id: file:///home/svn/framework3/trunk@13967 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:49:49 +00:00
Wei Chen
39a4488da5
Patch #5740 for Firefox Array.reduceRight() exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13958 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 20:28:15 +00:00
Tod Beardsley
d059670d67
Fixes #5570 , commits TecR0c's exploit module, after running through msftidy.rb. Thanks!
...
git-svn-id: file:///home/svn/framework3/trunk@13952 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 15:47:04 +00:00
HD Moore
594b0687c7
Fix CVE reference format
...
git-svn-id: file:///home/svn/framework3/trunk@13950 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:55:07 +00:00
HD Moore
cf8524b1b4
Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types
...
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:53:53 +00:00
Tod Beardsley
020abd926b
A handful of rankings changes, also converting whitespace.
...
git-svn-id: file:///home/svn/framework3/trunk@13941 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 22:58:20 +00:00
Wei Chen
14d7db1641
Add disclosure dates to all the exploit modules that didn't have one
...
git-svn-id: file:///home/svn/framework3/trunk@13938 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 21:09:17 +00:00
Wei Chen
1adb31747d
This module is missing a ranking. Adding one.
...
git-svn-id: file:///home/svn/framework3/trunk@13936 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:35:18 +00:00
Wei Chen
2b746b3505
This module never got a ranking, adding one
...
git-svn-id: file:///home/svn/framework3/trunk@13934 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:07:59 +00:00
Wei Chen
4f4c0bc0be
Add CVE-2011-2371 Firefox Array.reduceRight() vuln
...
git-svn-id: file:///home/svn/framework3/trunk@13909 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 03:16:15 +00:00
Wei Chen
90a426cec6
Add PcVue 10 LoadObject/SaveObject vuln (Feature #5647 )
...
git-svn-id: file:///home/svn/framework3/trunk@13889 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 10:57:31 +00:00
James Lee
6578874439
don't bother escaping a tick
...
git-svn-id: file:///home/svn/framework3/trunk@13887 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 01:45:10 +00:00
Wei Chen
c1b1917dce
Change correct name for Lincoln. Also, this is feature #5646
...
git-svn-id: file:///home/svn/framework3/trunk@13868 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 03:30:14 +00:00
Wei Chen
e3111e0261
Add CVE-2008-4779
...
git-svn-id: file:///home/svn/framework3/trunk@13867 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 03:28:08 +00:00
Wei Chen
f54939cda9
Change target name and description. The module works on multiple systems.
...
git-svn-id: file:///home/svn/framework3/trunk@13853 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 16:47:33 +00:00
Wei Chen
8488343e46
Add CVE-2011-2595 (Feature #5645 )
...
git-svn-id: file:///home/svn/framework3/trunk@13852 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 16:11:05 +00:00
Wei Chen
756aafd7f2
Add CVE and OSVDB refs
...
git-svn-id: file:///home/svn/framework3/trunk@13848 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 22:56:17 +00:00
Joshua Drake
eab8a2434b
fix typo in description
...
git-svn-id: file:///home/svn/framework3/trunk@13845 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 19:39:15 +00:00
Wei Chen
487ee5b46e
Does not work against Win 7 SP0/SP1 and Windows Server 2003 SP2. Definitely not an universal target.
...
git-svn-id: file:///home/svn/framework3/trunk@13841 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 05:36:42 +00:00
Wei Chen
a3cc25615d
Add bug #5505 (scriptftp_list module)
...
git-svn-id: file:///home/svn/framework3/trunk@13839 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 04:17:03 +00:00
HD Moore
3d8a18cfd1
Fix tab indent
...
git-svn-id: file:///home/svn/framework3/trunk@13836 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-08 18:39:23 +00:00
Joshua Drake
2e7edeff81
See #3585 : Happy Third Birthday MS08-067!
...
Adds an AlwaysOn DEP bypass for XP SP2 and SP3
git-svn-id: file:///home/svn/framework3/trunk@13835 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-08 07:26:37 +00:00
Steve Tornio
93f8d73b0c
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13810 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-02 17:03:23 +00:00
Mario Ceballos
711bfa7d53
initial coverage for ca total defense sqli
...
git-svn-id: file:///home/svn/framework3/trunk@13809 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-02 15:53:44 +00:00
Wei Chen
2b3a277124
Found an instance that causes the win 7 target to fail. This fix corrects it.
...
git-svn-id: file:///home/svn/framework3/trunk@13797 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-27 08:55:07 +00:00
Matt Weeks
de9e99bd3d
Fix some TOCTOU confusion and database errors.
...
git-svn-id: file:///home/svn/framework3/trunk@13779 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 15:12:19 +00:00
Wei Chen
ec6f290fbd
Add Windows 7 target and all kinds of stuff.
...
git-svn-id: file:///home/svn/framework3/trunk@13775 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-22 17:40:35 +00:00
Steve Tornio
e93341f9f1
add cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@13768 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-21 11:55:56 +00:00
Wei Chen
5d4f68a6f2
Fix JS
...
git-svn-id: file:///home/svn/framework3/trunk@13767 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-21 03:13:45 +00:00
Wei Chen
936f3de84c
This simple math would do the trick
...
git-svn-id: file:///home/svn/framework3/trunk@13766 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-20 18:56:21 +00:00
Wei Chen
742edf1ad1
Add eSignal and eSignal Pro exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13765 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-20 17:39:53 +00:00
Joshua Drake
3318b132c8
add x90c's email address
...
git-svn-id: file:///home/svn/framework3/trunk@13757 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 19:40:48 +00:00
Steve Tornio
ee09c028a0
add cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@13756 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 11:38:49 +00:00
Matt Weeks
1d2ddc55e8
Add UI for PXE attack reset.
...
git-svn-id: file:///home/svn/framework3/trunk@13753 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-18 20:44:16 +00:00
James Lee
f4be092ac1
include the CVE with more details that definitely applies to this bug, in addition to the ambiguous one that may or may not
...
git-svn-id: file:///home/svn/framework3/trunk@13751 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-18 03:57:27 +00:00
Wei Chen
bf315b09ed
Add DAQFactory bof
...
git-svn-id: file:///home/svn/framework3/trunk@13750 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-18 02:45:55 +00:00
Tod Beardsley
10c76f66ba
Adding an extra print line to adobe_cooltype_sing that clearly displays the user-agent.
...
git-svn-id: file:///home/svn/framework3/trunk@13748 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-17 20:12:51 +00:00
Wei Chen
56025609f0
Add fix commit url to reference. Thx jduck!
...
git-svn-id: file:///home/svn/framework3/trunk@13745 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-17 06:48:33 +00:00
Wei Chen
2ebef435a0
Add CVE-2011-2950 Real Player heap overflow
...
git-svn-id: file:///home/svn/framework3/trunk@13738 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-16 19:22:29 +00:00
Wei Chen
6443ee024c
Add Measuresoft ScadaPro exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13737 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-16 08:23:59 +00:00
Wei Chen
7569cad178
Correct variable use in heap spray js function
...
git-svn-id: file:///home/svn/framework3/trunk@13735 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-15 22:37:13 +00:00
Wei Chen
70fa0e630b
Add Windows 7 + IE 8 target. Also use a different approach to get code execution.
...
git-svn-id: file:///home/svn/framework3/trunk@13734 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-15 20:51:01 +00:00
Steve Tornio
de98758f2b
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13728 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-13 20:10:28 +00:00
Wei Chen
9e5d07b201
Add ScadaTEC ScadaPhone bof
...
git-svn-id: file:///home/svn/framework3/trunk@13727 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-13 17:25:03 +00:00
Steve Tornio
e6ce90c551
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13724 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-12 21:42:36 +00:00
Wei Chen
8b8388ed44
Add CVE-2011-3322 Procyon Core Server HMI
...
git-svn-id: file:///home/svn/framework3/trunk@13721 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-12 17:54:31 +00:00
Wei Chen
e597891a1f
Add support for DEP bypass
...
git-svn-id: file:///home/svn/framework3/trunk@13711 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-09 18:15:50 +00:00
James Lee
e31acef6e9
whitespace cleanup
...
git-svn-id: file:///home/svn/framework3/trunk@13702 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-07 15:30:08 +00:00
Mario Ceballos
6f28911d3d
added patch from joshua taylor.
...
git-svn-id: file:///home/svn/framework3/trunk@13698 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-06 19:58:40 +00:00
Wei Chen
819e673b88
Mention about the RSA attack in the description, also add a reference for it
...
git-svn-id: file:///home/svn/framework3/trunk@13697 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-06 17:22:00 +00:00
HD Moore
7fb4a3c571
Fix up the disablenops syntax
...
git-svn-id: file:///home/svn/framework3/trunk@13694 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-05 16:27:04 +00:00
Mario Ceballos
2f2421badc
initial coverage of the pnsize bug (fileformat)
...
git-svn-id: file:///home/svn/framework3/trunk@13691 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 21:17:58 +00:00
Wei Chen
44ba7e80d5
This module still works against 2.5 (most current as of Sept 2 2011)
...
git-svn-id: file:///home/svn/framework3/trunk@13688 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 04:52:04 +00:00
David Rude
8a070b81a2
Add the noobfuscation arg to the heaplib call
...
git-svn-id: file:///home/svn/framework3/trunk@13675 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-01 09:00:20 +00:00
Wei Chen
4e92190fa8
Add additional references, correct disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@13673 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-01 05:20:47 +00:00
Wei Chen
717b0eddee
Add DVD X plf playlist buffer overflow
...
git-svn-id: file:///home/svn/framework3/trunk@13672 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-01 05:14:21 +00:00
Wei Chen
22dc0ed551
Fix disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@13670 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-31 00:15:46 +00:00
David Rude
c5fe6ed503
Reset the target to allow for multiple client connections
...
git-svn-id: file:///home/svn/framework3/trunk@13669 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-30 22:29:14 +00:00
David Rude
70dffd6afb
Adds Citrix Gateway ActiveX Stack Based Buffer Overflow module
...
git-svn-id: file:///home/svn/framework3/trunk@13666 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-30 22:22:32 +00:00
Matt Weeks
6853221762
Fixes #5313 by adding logging support to pivoted PXE attacks, and displaying results as the module runs.
...
git-svn-id: file:///home/svn/framework3/trunk@13646 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-27 15:46:49 +00:00
Matt Weeks
f9e651d382
Report to DB too.
...
git-svn-id: file:///home/svn/framework3/trunk@13640 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 22:56:22 +00:00
Matt Weeks
23b4f4ed98
Address #5313 for locally-launched PXE attacks.
...
git-svn-id: file:///home/svn/framework3/trunk@13639 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 22:48:33 +00:00
amaloteaux
9cfba23558
psexec: allow o upload payload in a subfolder
...
git-svn-id: file:///home/svn/framework3/trunk@13638 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 22:30:46 +00:00
Matt Weeks
06c3dabe31
Fixes #5312 for pivoted PXE attacks.
...
git-svn-id: file:///home/svn/framework3/trunk@13634 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 02:07:35 +00:00
David Rude
b331073851
cleaned up some column width issues, added on_new_session clean up code to remove files
...
git-svn-id: file:///home/svn/framework3/trunk@13599 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-20 17:47:03 +00:00
Wei Chen
6723c7fb3e
Minor metadata format fix
...
git-svn-id: file:///home/svn/framework3/trunk@13593 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-20 00:11:22 +00:00
Wei Chen
8fbd81a0f0
Add HP Easy Printer xmlsimpleaccessor exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13592 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 23:49:45 +00:00
Mario Ceballos
aef764de08
working on moving things referenced in Feature #653 . added different param for secure backup
...
git-svn-id: file:///home/svn/framework3/trunk@13591 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 18:35:29 +00:00
Wei Chen
fe53151324
fix tabs
...
git-svn-id: file:///home/svn/framework3/trunk@13590 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 16:58:50 +00:00
Wei Chen
056adf7063
Add Win 7 target
...
git-svn-id: file:///home/svn/framework3/trunk@13589 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 16:57:19 +00:00
Wei Chen
2a62ac35ac
Fix bug #5267
...
git-svn-id: file:///home/svn/framework3/trunk@13573 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-17 06:14:51 +00:00
Wei Chen
6c58dad979
ugh, why the extra spaces
...
git-svn-id: file:///home/svn/framework3/trunk@13566 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 15:34:49 +00:00
Wei Chen
eaa5cf6b5d
Use heaplib on IE 8, allow obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13565 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 15:32:17 +00:00
Wei Chen
55d60a1af2
Allow JavaScript obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13556 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-13 02:28:49 +00:00
Wei Chen
c29a4d5ea3
Specify UUID offset for the custom .Net binary
...
git-svn-id: file:///home/svn/framework3/trunk@13555 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-13 02:15:05 +00:00
Wei Chen
f8bf910fbb
missing var
...
git-svn-id: file:///home/svn/framework3/trunk@13554 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-13 02:05:08 +00:00
Wei Chen
8bf7a9990b
Improve javascript obfuscation, and allow it as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13553 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 23:03:11 +00:00
Wei Chen
20f4280d9f
Exploit is much more reliable than before, it gets a promotion
...
git-svn-id: file:///home/svn/framework3/trunk@13549 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 19:17:23 +00:00
Wei Chen
bfc59e4c62
Add MS10-026 exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13547 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 19:04:25 +00:00
Wei Chen
3b04e7bd9e
Add routine to check target before exploiting it
...
git-svn-id: file:///home/svn/framework3/trunk@13535 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 23:05:45 +00:00
Wei Chen
0d9908435a
Allow JavaScript obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13533 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 22:18:25 +00:00
Wei Chen
456aeeb90b
Allow JavaScript obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13530 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 18:47:21 +00:00
Wei Chen
4ac431948a
Allow JavaScript obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13524 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 15:50:43 +00:00
Wei Chen
a1526e86b8
Use heaplib to spray, and use obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13523 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 15:25:14 +00:00
Steve Tornio
a6a444930e
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13522 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 11:17:30 +00:00
Wei Chen
950a4215a0
Fix a problem where resp.index() might return nil
...
git-svn-id: file:///home/svn/framework3/trunk@13521 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 09:03:19 +00:00
Wei Chen
6a89cf5859
Add TeeChart Professional ActiveX exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13520 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 08:41:30 +00:00
Matt Weeks
dad6103944
Fix documentation to match change; will only affect windows.
...
git-svn-id: file:///home/svn/framework3/trunk@13519 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 03:05:58 +00:00
Matt Weeks
f12742a05f
Better cleanup for PXE attacks.
...
git-svn-id: file:///home/svn/framework3/trunk@13518 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 02:57:02 +00:00
Wei Chen
58198f37ba
Fix reference link
...
git-svn-id: file:///home/svn/framework3/trunk@13513 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 18:58:20 +00:00
Wei Chen
8dc4228ee0
Fix very minor typo
...
git-svn-id: file:///home/svn/framework3/trunk@13508 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 17:05:49 +00:00
Wei Chen
3b1769d621
Add Mozilla Firefox 3.6.16 mChannel Use After Free exploit by Rh0
...
git-svn-id: file:///home/svn/framework3/trunk@13507 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 05:58:02 +00:00
Matt Weeks
b2733c04db
More PXE dust for extra magic!
...
git-svn-id: file:///home/svn/framework3/trunk@13493 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-05 17:10:27 +00:00
Wei Chen
a0168d59a8
Minor fix to comply with the 100 columns per line guideline
...
git-svn-id: file:///home/svn/framework3/trunk@13467 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 21:20:29 +00:00
David Rude
bee7fba3c8
Small typo fix and some minor formatting
...
git-svn-id: file:///home/svn/framework3/trunk@13466 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 19:34:01 +00:00
David Rude
118ca372b3
adding CA Arcserve D2D GWT Credential Information Disclosure module
...
git-svn-id: file:///home/svn/framework3/trunk@13465 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 14:40:52 +00:00
Tod Beardsley
df52bfaa4f
Ensure that we check for pcaprub before doing much anything else for those modules that actually require it. In some cases, that means moving open_pcap() up to be the first method call, in others, insert check_pcaprub_loaded first. Also removes a few cases of redundant checking (the Capture mixin does all this already anyway).
...
git-svn-id: file:///home/svn/framework3/trunk@13381 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 20:21:47 +00:00
Wei Chen
6fc59d5287
Fill in BID reference
...
git-svn-id: file:///home/svn/framework3/trunk@13330 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 19:42:40 +00:00
Wei Chen
6bf90f884e
Fix debug mode and some extra tabs in JS
...
git-svn-id: file:///home/svn/framework3/trunk@13325 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 00:22:29 +00:00
Wei Chen
f47a2c7565
Format dictatorship round 2: Fix author e-mail format for all exploit modules
...
git-svn-id: file:///home/svn/framework3/trunk@13297 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 20:17:58 +00:00
Wei Chen
25c89c2e7a
Put the short jmp in there
...
git-svn-id: file:///home/svn/framework3/trunk@13224 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 15:07:00 +00:00
HD Moore
7dbb56b38b
No longer default a target for XP systems; some obscure builds of XP Embedded SP1 have a different offset and not good way to differentiate
...
git-svn-id: file:///home/svn/framework3/trunk@13214 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 01:40:26 +00:00
Wei Chen
3ca9b51984
oops, a little mistake in the description
...
git-svn-id: file:///home/svn/framework3/trunk@13212 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-18 20:46:08 +00:00
Wei Chen
821e9dd68b
Updated metadata, merged code with #4923 . Thx Joff.
...
git-svn-id: file:///home/svn/framework3/trunk@13211 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-18 20:39:27 +00:00
HD Moore
764bb36f44
Wait a little longer for a session (5 seconds)
...
git-svn-id: file:///home/svn/framework3/trunk@13208 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-18 16:05:51 +00:00
HD Moore
8887fe86b8
Either the offset or the env page moves around for this exploit on some non-english systems, do not default the target for 2003 SP0
...
git-svn-id: file:///home/svn/framework3/trunk@13206 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-18 14:59:55 +00:00
Wei Chen
2eeffc39fc
Add Iconics GENESIS32 GenBroker exploit by lincoln and corelanc0d3r
...
git-svn-id: file:///home/svn/framework3/trunk@13197 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-17 15:01:46 +00:00
Wei Chen
681563adc9
Fix that extra tab in the description
...
git-svn-id: file:///home/svn/framework3/trunk@13194 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-16 05:21:20 +00:00
Wei Chen
2e93ba06ba
Add HP NNM ToolBar.exe exploit aganist the OvOSLocale cookie parameter
...
git-svn-id: file:///home/svn/framework3/trunk@13193 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-16 05:14:33 +00:00
Wei Chen
86b40e894b
Make room for another exploit against ToolBar.exe
...
git-svn-id: file:///home/svn/framework3/trunk@13192 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-16 04:45:21 +00:00
James Lee
c412a836ed
add VERBOSE option to all modules and vprint_* methods to use it
...
git-svn-id: file:///home/svn/framework3/trunk@13183 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 15:33:35 +00:00
Steve Tornio
9278b0a5f5
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13152 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-11 06:59:00 +00:00
Wei Chen
94aea207d3
Remove extra tabs and spaces
...
git-svn-id: file:///home/svn/framework3/trunk@13148 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 21:10:45 +00:00
Wei Chen
9892eb39eb
Syntax fix
...
git-svn-id: file:///home/svn/framework3/trunk@13147 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 20:50:52 +00:00
Wei Chen
32a7eb0000
svn propset
...
git-svn-id: file:///home/svn/framework3/trunk@13146 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 19:19:00 +00:00
David Rude
7958516549
Adds Xeros Firefox nstreerange exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13143 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 17:12:53 +00:00
Wei Chen
5b69b52ec4
"InitialAutoRunScript" is more like it
...
git-svn-id: file:///home/svn/framework3/trunk@13142 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 07:28:12 +00:00
Wei Chen
6448daf571
MS10-018, y u no InitialAutoRunScript
...
git-svn-id: file:///home/svn/framework3/trunk@13141 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 07:02:38 +00:00
Wei Chen
15f82402af
I changed my mind. The ATTEMPTS options is required.
...
git-svn-id: file:///home/svn/framework3/trunk@13137 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-09 04:10:52 +00:00
Wei Chen
1246fd5731
Added Blue Coat Authentication Authorization Agent exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13134 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-09 01:40:29 +00:00
Steve Tornio
94640b6bc4
add osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@13115 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-07 11:54:54 +00:00
Wei Chen
47e6c4a89f
Added #4870 - MicroP .mppl buffer overflow exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13114 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-07 06:29:37 +00:00
HD Moore
78f2525fdc
Fixes #4879 by adding a new target from bperry
...
git-svn-id: file:///home/svn/framework3/trunk@13110 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-07 03:33:04 +00:00
Wei Chen
1058948419
Updated ROP, no more hardcoded ntdll addresses
...
git-svn-id: file:///home/svn/framework3/trunk@13106 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-06 07:22:24 +00:00
Wei Chen
7589f8d2f1
Updated target name that works against multiple systems (thx corelanc0d3r)
...
git-svn-id: file:///home/svn/framework3/trunk@13105 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-06 01:59:24 +00:00
Wei Chen
1e4dfaf6de
Change author name for dookie
...
git-svn-id: file:///home/svn/framework3/trunk@13096 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-04 22:33:47 +00:00
Wei Chen
2f6b89516a
Added HP Data Protector omniinet buffer overflow with opcode 20
...
git-svn-id: file:///home/svn/framework3/trunk@13092 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-04 17:02:40 +00:00
HD Moore
db6b8c3545
Probably time to fess up :)
...
git-svn-id: file:///home/svn/framework3/trunk@13088 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-02 01:09:46 +00:00
Wei Chen
dbd04d754a
Change to a better P/P/R, tested on 4 different machines. Thx fdiskyou.
...
git-svn-id: file:///home/svn/framework3/trunk@13081 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-01 22:26:12 +00:00
Mario Ceballos
b6e1c6a967
add exploit module hp_omniinet_3.rb
...
git-svn-id: file:///home/svn/framework3/trunk@13080 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-01 17:07:38 +00:00
Wei Chen
fc33b1d20e
'\x00' isn't the same as "\x00"
...
git-svn-id: file:///home/svn/framework3/trunk@13051 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-28 19:45:51 +00:00
Wei Chen
73dc5c605b
Change ranking. Because looks like it works better than "average"
...
git-svn-id: file:///home/svn/framework3/trunk@13042 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-27 18:00:12 +00:00
Wei Chen
e6995b4912
Added ZDI-11-023 Citrix Provisioning Services bof exploit (Feature #4798 )
...
git-svn-id: file:///home/svn/framework3/trunk@13041 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-27 17:54:18 +00:00
Wei Chen
1b25cf3c43
Using SEH instead of egghunter. Verified again on Win2k3. thx to MC.
...
git-svn-id: file:///home/svn/framework3/trunk@13036 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-26 19:28:14 +00:00
Wei Chen
6325515ca7
Minor name change
...
git-svn-id: file:///home/svn/framework3/trunk@13034 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-26 16:09:53 +00:00
Wei Chen
07f415f4e0
Forgot to switch back to random paddings
...
git-svn-id: file:///home/svn/framework3/trunk@13033 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-26 16:06:39 +00:00
Wei Chen
f0e6159a35
Minor name change for the exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13031 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-26 06:01:21 +00:00
Wei Chen
13b2209f3d
Added Microsoft Visio DXF File Buffer Overflow Exploit by Juan
...
git-svn-id: file:///home/svn/framework3/trunk@13030 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-26 05:59:37 +00:00
Wei Chen
0cf51f8d5a
Exploit name change. Also, this thing doesn't use seh.
...
git-svn-id: file:///home/svn/framework3/trunk@13026 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-25 14:25:45 +00:00
Steve Tornio
27eb48f650
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13025 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-25 11:27:55 +00:00
Wei Chen
f16f850fc6
Added Siemens FactoryLink 8 csservice.exe (port 7580)
...
git-svn-id: file:///home/svn/framework3/trunk@13019 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-25 00:54:18 +00:00
David Rude
37b7345fea
Adds Ranking and Fileformat version of the Lotus Notes LZH Exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13015 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-23 15:43:54 +00:00
Steve Tornio
59943cb367
add osvdb and cve refs
...
git-svn-id: file:///home/svn/framework3/trunk@13014 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-23 12:05:09 +00:00
David Rude
7b5860d0ab
Fix a bug if the RHOST length is 15 or longer
...
git-svn-id: file:///home/svn/framework3/trunk@13013 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-23 09:58:50 +00:00
David Rude
df8bf68722
Adds Lotus Notes .lzh Autonomy Keyview Exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13012 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-23 09:51:16 +00:00
Wei Chen
1223275330
Change ranking for now until we have a better solution for SP3
...
git-svn-id: file:///home/svn/framework3/trunk@13009 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-23 01:04:29 +00:00
Wei Chen
bd62c13fb0
Added RealWin SCADA Server DATAC Login Buffer Overflow (Feature #4787 ))
...
git-svn-id: file:///home/svn/framework3/trunk@13007 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-22 22:36:55 +00:00
James Lee
57cf0b04a7
stack overflow != stack buffer overflow
...
git-svn-id: file:///home/svn/framework3/trunk@13001 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 23:27:16 +00:00
Steve Tornio
465bc8ce88
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13000 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 22:42:53 +00:00
Mario Ceballos
a5a1f1587f
add another scada module. winlog_runtime.rb
...
git-svn-id: file:///home/svn/framework3/trunk@12999 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 21:48:30 +00:00
Wei Chen
0400a72ab0
RCA, description update, and some text randomness
...
git-svn-id: file:///home/svn/framework3/trunk@12998 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 21:08:57 +00:00
Joshua Drake
69963a45ab
Fixes #4752 - Auto-detect the windows directory and use it for subsequent requests
...
git-svn-id: file:///home/svn/framework3/trunk@12997 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 18:55:28 +00:00
Steve Tornio
03464a168e
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12996 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 18:02:35 +00:00
David Rude
d796f523a6
Adds FactorLink vrn.exe exploit from hal
...
git-svn-id: file:///home/svn/framework3/trunk@12995 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 13:20:18 +00:00
Wei Chen
fdbc038bd0
Add BlackIce Cover Page ActiveX downloadimagefileurl exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12992 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 02:51:39 +00:00
Steve Tornio
8ee3bf7f54
add cve, osvdb and bugtraq id.
...
git-svn-id: file:///home/svn/framework3/trunk@12978 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-20 11:07:22 +00:00
HD Moore
3831e49455
See #4506 for Macro handling
...
git-svn-id: file:///home/svn/framework3/trunk@12977 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-20 07:23:16 +00:00
Wei Chen
0b30256203
Add licensing
...
git-svn-id: file:///home/svn/framework3/trunk@12975 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-20 04:01:47 +00:00
Wei Chen
eff703b3ad
Add SCADA Realwin On_FC_CONNECT_FCS_a_FILE buffer overflow
...
git-svn-id: file:///home/svn/framework3/trunk@12974 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-20 00:37:13 +00:00
Steve Tornio
650762517f
update CVE and OSVDB to match what the author said
...
git-svn-id: file:///home/svn/framework3/trunk@12964 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-17 17:35:57 +00:00
Steve Tornio
7c47b48f5b
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12962 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-17 01:56:20 +00:00
Wei Chen
23cc89482b
CVE correction, thanks Kurt.
...
git-svn-id: file:///home/svn/framework3/trunk@12961 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-17 00:56:11 +00:00
Wei Chen
eae350b88b
CVE-2011-1260 seems to be the right one
...
git-svn-id: file:///home/svn/framework3/trunk@12959 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-16 22:27:10 +00:00
Wei Chen
0a04835138
Added MS11-050 by d0c_s4vage
...
git-svn-id: file:///home/svn/framework3/trunk@12956 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-16 21:19:12 +00:00
HD Moore
d11e1f3294
Make all keywords consistent for modules.
...
git-svn-id: file:///home/svn/framework3/trunk@12936 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-13 03:38:31 +00:00
David Rude
04d280fdd0
minor fixes
...
git-svn-id: file:///home/svn/framework3/trunk@12925 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 00:04:55 +00:00
David Rude
ee7454c5e6
Added IBM Tivoli Endpoint Manager HTTP POST query buffer overflow exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12922 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-11 23:48:18 +00:00
Steve Tornio
579d823070
add osvdb and cve refs
...
git-svn-id: file:///home/svn/framework3/trunk@12893 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-09 20:44:52 +00:00
David Rude
247251ac07
Remove references to OUTPUTPATH options, unless files are created using a different method
...
git-svn-id: file:///home/svn/framework3/trunk@12892 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-09 19:51:56 +00:00
Wei Chen
24bb7c3d8d
7-Technologies IGSS v9.0 Rename command buffer overflow
...
git-svn-id: file:///home/svn/framework3/trunk@12886 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-09 06:04:04 +00:00
David Rude
e2820918ad
adds Windows XP SP3 target and updates the reference link
...
git-svn-id: file:///home/svn/framework3/trunk@12873 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 20:29:02 +00:00
David Rude
b9e398c706
adds support for SSL
...
git-svn-id: file:///home/svn/framework3/trunk@12872 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 20:15:51 +00:00
David Rude
31a659e55a
Fixed this up to use the new JS obfuscation hotness thanks to egyp7s rkelly fu!
...
git-svn-id: file:///home/svn/framework3/trunk@12871 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 19:49:33 +00:00
Steve Tornio
377a18030a
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12869 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 19:06:18 +00:00
David Rude
3d7715ce60
Added Cisco AnyConnect VPN Client ActiveX download and execute exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12868 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 18:52:26 +00:00
Wei Chen
2e861a2fa8
Added CVE
...
git-svn-id: file:///home/svn/framework3/trunk@12865 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 02:35:40 +00:00
James Lee
bee19278d7
add a new javascript obfuscation engine using rkelly for parsing. use it in browser_autopwn and ms10_018_ie_behaviors. see #1003
...
git-svn-id: file:///home/svn/framework3/trunk@12839 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-03 00:36:26 +00:00
Steve Tornio
6890ec5610
add cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@12816 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-02 12:24:25 +00:00
David Rude
bfdb3a2a36
Added GoldenFTP exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12812 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-02 01:10:22 +00:00
Steve Tornio
f43368ebe4
add osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@12779 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-31 14:33:19 +00:00
Wei Chen
396e476a03
Updated description, documented packet header a bit
...
git-svn-id: file:///home/svn/framework3/trunk@12774 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-30 21:17:35 +00:00
Wei Chen
b950219b0d
Fix typo
...
git-svn-id: file:///home/svn/framework3/trunk@12773 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-30 21:06:56 +00:00
Wei Chen
4d044ee592
Added 7-Technologies IGSS 9.0 Write File / EXE packet handling exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12772 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-30 21:00:49 +00:00
Jonathan Cran
ef7a7adc1e
escape slashes, thanks aushack
...
git-svn-id: file:///home/svn/framework3/trunk@12738 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-27 06:14:52 +00:00
Steve Tornio
782b1c6dd6
add stratsec ref, update disclosure to match public timeline
...
git-svn-id: file:///home/svn/framework3/trunk@12716 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 13:57:12 +00:00
Wei Chen
c1233db428
ugh! It's visiwavereport.exe, not visiwave.exe.
...
git-svn-id: file:///home/svn/framework3/trunk@12711 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 04:48:25 +00:00
Wei Chen
0c60fe5a4b
Couldn't help but patch-diff it and updated the description again
...
git-svn-id: file:///home/svn/framework3/trunk@12710 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 04:45:17 +00:00
Wei Chen
6b6c6b2f64
We're actually not using 'Ret', it is removed.
...
git-svn-id: file:///home/svn/framework3/trunk@12706 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-24 23:15:06 +00:00
Wei Chen
af4b8bfef6
RCA done, the new description explains what really happens that causes the vulnerability.
...
git-svn-id: file:///home/svn/framework3/trunk@12705 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-24 22:58:10 +00:00
Wei Chen
f80c66ee8f
Disclosure date is actually May 10 2011, confirmed by Mr_Me.
...
git-svn-id: file:///home/svn/framework3/trunk@12698 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 23:55:03 +00:00
Steve Tornio
fd6a3def6e
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12695 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 19:50:57 +00:00
Wei Chen
d900892da8
Disclosure date change. '2007' wouldn't make sense now, would it?
...
git-svn-id: file:///home/svn/framework3/trunk@12692 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 16:30:07 +00:00
Wei Chen
8089d10618
Added VisiWave Site Survey Report buffer overflow exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12691 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 16:28:38 +00:00
Steve Tornio
28d5febfad
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12688 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-22 23:41:15 +00:00
Wei Chen
e916a61eec
Date format fix
...
git-svn-id: file:///home/svn/framework3/trunk@12685 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-22 22:09:52 +00:00
Wei Chen
d9c0d1c941
Added Magix Musik Maker 16 buffer overflow exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12684 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-22 22:08:09 +00:00
James Lee
36983436db
play a little nicer with browser autopwn by not spraying the heap if creating the vulnerable object failed
...
git-svn-id: file:///home/svn/framework3/trunk@12667 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-19 19:45:14 +00:00
James Lee
0b88468617
out with the new, in with the old. css_clip is pretty unreliable in my tests, go back to using ie_behaviors in browser autopwn
...
git-svn-id: file:///home/svn/framework3/trunk@12663 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-19 16:33:55 +00:00
Wei Chen
f9c49ef9ce
Comment update (this is still for the egghunter fix: bug #4552 )
...
git-svn-id: file:///home/svn/framework3/trunk@12657 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-18 19:50:22 +00:00
Wei Chen
6345fec06c
checksum support for egghunter disabled, because not enough room for it. See r4552.
...
git-svn-id: file:///home/svn/framework3/trunk@12656 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-18 19:48:06 +00:00
Steve Tornio
72692d27f7
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12643 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 11:28:25 +00:00
Wei Chen
4f56444f2c
Fix for nops
...
git-svn-id: file:///home/svn/framework3/trunk@12639 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-16 19:30:17 +00:00
Wei Chen
95700687de
Added IGSS 9 buffer overflow
...
git-svn-id: file:///home/svn/framework3/trunk@12638 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-16 19:02:05 +00:00
Wei Chen
40894c3726
Moving Iconics webhmi activeX exploit from browser to scada directory
...
git-svn-id: file:///home/svn/framework3/trunk@12584 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-11 20:45:54 +00:00
Steve Tornio
d0c93f7e49
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12582 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-11 11:33:16 +00:00
Wei Chen
5d59d819ac
Added SPlayer Content-Type bof
...
git-svn-id: file:///home/svn/framework3/trunk@12581 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-11 00:18:11 +00:00
Steve Tornio
b84df80983
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12576 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-10 19:16:07 +00:00
Wei Chen
105b5799af
Added ICONICS WebHMI ActiveX SetActiveXGuid bof
...
git-svn-id: file:///home/svn/framework3/trunk@12573 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-10 18:07:15 +00:00
Steve Tornio
c87ba8f026
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12557 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-06 19:33:01 +00:00
Joshua Drake
5b8e4707cc
Add an exploit for CVE-2011-1574 (libmodplug via VLC 1.1.8)
...
git-svn-id: file:///home/svn/framework3/trunk@12544 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-06 15:29:07 +00:00
Wei Chen
8d78a47e45
get_resource() added to 'src' parameter
...
git-svn-id: file:///home/svn/framework3/trunk@12543 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-05 22:10:30 +00:00
David Rude
c80d454dd7
fixes some logic which restricted the use of other windows targets
...
git-svn-id: file:///home/svn/framework3/trunk@12542 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-05 15:11:46 +00:00
David Rude
a8b6c43636
reverting the disclosure dates for now need to clean up the patch
...
git-svn-id: file:///home/svn/framework3/trunk@12540 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 20:43:19 +00:00
David Rude
3b7ea08f6a
Fixes a ton of Disclosure Date discrepencies in various modules, thanks a ton to Michael Baker for spending the time to ensure accuracy
...
git-svn-id: file:///home/svn/framework3/trunk@12539 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 19:17:31 +00:00
Steve Tornio
fdd9b361bb
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12532 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 11:40:09 +00:00
Wei Chen
9c619c3a40
Added mjm quickplayer s3m bof
...
git-svn-id: file:///home/svn/framework3/trunk@12474 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 02:37:14 +00:00
Wei Chen
72af607aef
Added MJM Coreplayer s3m bof
...
git-svn-id: file:///home/svn/framework3/trunk@12473 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 02:36:14 +00:00
Mario Ceballos
be2f68afbd
this method doesnt work with a licensed install.
...
git-svn-id: file:///home/svn/framework3/trunk@12470 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-29 22:17:40 +00:00
Wei Chen
8fa4443a68
Added Subtitle Processor 7.7.1 bof
...
git-svn-id: file:///home/svn/framework3/trunk@12461 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-28 08:12:32 +00:00
Mario Ceballos
be83842dff
added exploit module emc_homebase_exec.rb
...
git-svn-id: file:///home/svn/framework3/trunk@12458 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-27 20:29:27 +00:00
Wei Chen
f59db11f0e
Fixed typo in description. Thanks ragecyr.
...
git-svn-id: file:///home/svn/framework3/trunk@12456 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-27 16:54:49 +00:00
Wei Chen
a31ac81b57
Added eZip Wizard 3.0 Stack Buffer Overflow
...
git-svn-id: file:///home/svn/framework3/trunk@12428 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-25 01:06:34 +00:00
Wei Chen
2772be9125
Small offset change for Win 7 target requested by sd
...
git-svn-id: file:///home/svn/framework3/trunk@12422 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-24 03:50:55 +00:00
Wei Chen
c5d51cf810
Disclosure date change
...
git-svn-id: file:///home/svn/framework3/trunk@12391 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 15:45:07 +00:00
Wei Chen
7ef79e3ca5
Changed disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@12389 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 15:34:01 +00:00
Mario Ceballos
31f2afc033
fix date
...
git-svn-id: file:///home/svn/framework3/trunk@12388 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 11:12:34 +00:00
Wei Chen
cb491e35d2
Changed disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@12384 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 02:10:40 +00:00
Wei Chen
458d8cccb8
Modified heap spray routine. Added IE 8 target for XP SP3.
...
git-svn-id: file:///home/svn/framework3/trunk@12383 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 21:55:33 +00:00
amaloteaux
a08bef0a47
allow the wireshark dect dissector exploit to be used remotly
...
git-svn-id: file:///home/svn/framework3/trunk@12376 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 16:36:48 +00:00
Wei Chen
488c6de9df
Description change again
...
git-svn-id: file:///home/svn/framework3/trunk@12371 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 16:41:58 +00:00
Wei Chen
4b7595b8e4
Updated the size of the pcap file. Description also udpated.
...
git-svn-id: file:///home/svn/framework3/trunk@12369 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 16:34:17 +00:00
Wei Chen
6d0bfaaa57
Updated author
...
git-svn-id: file:///home/svn/framework3/trunk@12368 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 15:23:49 +00:00
Steve Tornio
0859bb18a7
add cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@12365 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 11:32:17 +00:00
Wei Chen
90668a9913
Date format fix
...
git-svn-id: file:///home/svn/framework3/trunk@12364 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 07:53:58 +00:00
Wei Chen
9d40da6bbb
Title change
...
git-svn-id: file:///home/svn/framework3/trunk@12363 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 06:43:05 +00:00
Wei Chen
9c60889f02
Added Wireshark packet-dect memcpy overflow (.pcap)
...
git-svn-id: file:///home/svn/framework3/trunk@12362 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 06:41:57 +00:00
Wei Chen
d4dd84536d
Added Win 7 target
...
git-svn-id: file:///home/svn/framework3/trunk@12361 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 03:10:36 +00:00
HD Moore
b94d09cdf1
Try a little harder to make this module more reliable through TCP proxies
...
git-svn-id: file:///home/svn/framework3/trunk@12359 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-18 20:53:21 +00:00
Wei Chen
c28e7259ac
Added CVE-2011-0611 Adobe Flash 0day
...
git-svn-id: file:///home/svn/framework3/trunk@12330 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-16 02:09:33 +00:00
Wei Chen
9ac36d6e0a
Forgot to change two other hardcoded junks to random alpha bytes
...
git-svn-id: file:///home/svn/framework3/trunk@12322 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-14 23:28:58 +00:00
Wei Chen
b81d87173f
Added mr_me's Win XP SP3 + DEP target
...
git-svn-id: file:///home/svn/framework3/trunk@12320 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-14 23:08:47 +00:00
James Lee
b5e0962e3e
return the appropriate check codes instead of just printing stuff. add some error checks to avoid stack traces against samba and non-existant hosts
...
git-svn-id: file:///home/svn/framework3/trunk@12314 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-13 23:26:07 +00:00
Steve Tornio
79e84a46e9
add cve & osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@12306 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-12 11:04:29 +00:00
Wei Chen
33249bea32
Changed 0x90 nops to make_nops() instead
...
git-svn-id: file:///home/svn/framework3/trunk@12305 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 23:32:41 +00:00
Wei Chen
3dec79f346
Format fix again
...
git-svn-id: file:///home/svn/framework3/trunk@12304 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 23:24:12 +00:00